1. Technical Field
The present invention relates in general to electronic networks and in particular to remote access to electronic networks. Still more particularly, the present invention relates to remote access to client terminals on electronic networks utilizing a web browser application and the Internet.
2. Description of the Related Art
Client/Server software architectures have been in use since the late 1980s throughout industry. These architectures provide a versatile infrastructure that supports shared access to server resources. A client is defined as a requester of services, and a server is defined as the provider of services. A single machine can be both a client and a server depending on the software configuration. A client machine is loaded with client software, while a server machine is loaded with server software. Clients can be either stand-alone computer systems (like personal computers, or PCs) or "dumber" systems adapted for limited use with a network. With computer system clients, the local terminal may also be loaded with a user's individual software applications not shared on the network.
With most client/server architectures, the user system interface is usually located in the user's desktop environment and the applications and/or services are usually stored in a server that services many clients. The database management server provides stored procedures and triggers.
A generalized client-server computing network has several nodes or servers which are interconnected, either directly to each other or indirectly through one of the other servers. Each server is essentially a stand-alone computer system (having one or more processors, memory devices, and communications devices), that has been adapted (programmed) for one primary purpose, that of providing information and/or services to individual users at another set of nodes or workstation clients.
The information provided by a server can be in the form of programs which run locally on a given client terminal, or in the form of data, such as files, that are used by other programs. Users can also communicate with each other in real-time as well as by delayed file delivery, i.e., users with terminals connected to the same server can all communicate with each other without the need for the larger network, and users with terminals at different servers can communicate with each other via the network. The network can be local in nature, or can be further connected to other networks.
The construction of a network is also generally applicable to Wide Area Networks (WAN) including the Internet. The World Wide Web (commonly referred to as "Web") is a graphic, interactive interface for the Internet. The term Internet is utilized interchangeably with Web throughout this specification. Internet services are typically accessed by specifying a unique address, or universal resource locator (URL). The process utilizes Transfer Control Protocol/Internet Protocol (TCP/IP) transactions via telecommunication networks and a modem. The URL allows a web browser to connect and communicate with a HyperText Transfer Protocol (HTTP) server over the Web. The URL has two basic components, the protocol to be used, and the object pathname. For example, the URL "http://www.uspto.gov" (home page for the United States Patent and Trademark Office) specifies a hypertext transfer protocol ("http") and a pathname of the server ("www.uspto.gov"). The server name is associated with a unique numeric value (a TCP/IP address, or "domain").
There is typically a different computer program application (web browser clients, referred to hereinafter as web browser) on a data processing system connected to the web that is utilized to access servers connected to the Web. Today, most networks are connected to the Internet and the servers in the network store web pages that are accessible by clients/machines communicating with the server via the Web. A web page is a graphic display which is usually linked together and may be downloaded to a data processing system utilizing a web browser.
A web browser is a client application which enables a user to view web pages (created with hypertext markup language (HTML)) on the Web, another network, or the user's computer, follow the hyperlinks within them, and transfer files. Most web browsers require a connection which can handle IP packets but will also display graphics that are in an HTML document, play audio and video files, and execute small programs, such as Java applets that can be embedded in the HTML documents. Most web browsers also allow users to send and receive e-mail and to read and respond to newsgroups.
Conventional protocols and services have been established for the Internet which allow the transfer of various types of information, including electronic mail, simple file transfers via FTP (File Transfer Protocol), remote computing via Telnet, "gopher" searching, Usenet newsgroups, and hypertext file delivery and multimedia streaming via the Internet. A given server can be dedicated to performing one of these operations, or running multiple services.
One problem associated with these remote services is that the remote login panels (for telnet, tn, ftp, rlogin, etc.) are neither standardized nor universal. Each login panel is configured differently and may require different information to permit access to the remote server. Additional problems include the lack of firewall protection, the unavailability of graphical user interface (GUI) support, and limited accessibility via a visible machine or one allowed to access the server machine.
The Lightweight Directory Access Protocol (LDAP) is a protocol for accessing online directory services. It runs directly over TCP, and can be used to access a stand alone LDAP directory service or to access a directory service that is back-ended by X.500 or DB2, the global directory structure which operates essentially as a web directory.
The IETF (Internet Engineering Task Force) developed the LDAP specification which rapidly became the solution of choice for all types of directory service applications on IP networks. LDAP applications can be loosely grouped into three categories: those that locate network users and resources; those that manage them; and those that authenticate and secure them.
LDAP directories play the role of a network-accessible database, by organizing and indexing information. For example, the address book in most e-mail clients employs LDAP to locate addresses. When a user browses the member directory at a Web site, or a consumer scans the bestseller lists of an online bookstore, they are utilizing the resources of an LDAP.
LDAP directories and operating systems are melding to create intelligent environments that can locate network resources automatically. LDAP also is starting to play a critical role in network management. Without LDAP, corporate networkers have to maintain duplicate user information in dozens of application-specific directories across the network. With LDAP, it's possible to centralize this information in a single directory accessed by all applications.
One of the desired features of networks, whether LAN or Internet based, is the ability to log in from a remote location and connect to the server. Typically servers are accessible via remote login utilities such as file transfer protocol (ftp), telnet, tn, rlogin, etc. utilizing a telephone line, Integrated Services Digital Network (ISDN), or Digital Subscriber Line (DSL). However, these remote login utilities currently only provide limited access (typically to top level network resources such as file transfer or e-mail) to a user's working environment. Those skilled in the art are familiar with the intrinsic limitations of remote login that make only specific top level services available to the remote user. From a remote workstation or PC, current network applications do not allow a user to access and/or make the remote machine act like the user's own working environment. For example, the user may desire to access his personal desktop setting and software (spreadsheets and word processors, etc.) from a remote site. Presently, the user will be unable to gain such wide access with the limited top level access available. With workers in today's work environment constantly on the move, and with the increasing flexibility and desire to work from home, a demand for full and easy remote access to a user's client terminal (desktop environment) exists.
The present invention appreciates the fact that it would be desirable to provide a method and system for remotely logging on to a user's personal workstation connected to a server of a network. It would further be desirable to remotely log in to a network's server via a web browser over the Internet and to provide secure access to a user's particular desktop. It would also be desirable if the login system was uniquely identifiable and supported by a GUI.
It is therefore one object of the present invention to provide an improved electronic network.
It is another object of the present invention to provide an improved method and system for remote access to electronic networks.
It is yet another object of the present invention to provide a method and system for remote login to a client terminal/workstation connected to an electronic network utilizing a web browser application over the Internet and a modified Directory Access Protocol.
The foregoing objects are achieved as is now described. A method for allowing remote login to a user's personal workstation is described. The workstation is a client terminal connected to a server within a network. The method includes the steps of searching, from a remote location, for a login web page of the network via a web browser, and entering a series of login credential information into a particular login request area on the login web page. In response to correctly entering the login credential information, the user is provided with a Graphical User Interface (GUI) representation of the particular user's workstation and full access to the personal network information such as software applications stored in the memory of the client terminal (i.e. simulating the user's network terminal GUI and providing full access to locally stored software and functional elements of the user's workstation). In a preferred embodiment, the login credential information includes the server site, the user identification, and the user's security password. The search for the particular web page and workstation using the login credential information is managed by the Lightweight Directory Access Protocol (LDAP).
The above as well as additional objects, features, and advantages of the present invention will become apparent in the following detailed written description.